Securix Linux

Securix Installer isn’t public available yet. You can see progress in this post.

version 03/01/2012

• added grub fallback in case of problems with new kernel (panic, ect..)
• added grub password to avoid unauthorized single user mode
• added automatic serial terminal access detection and setup
• added genkernel configuration generator for further kernel updates
• added user auditing, bash commands logging
• added limits.conf – protection against depletion of system resources, fork bombs, ect.
• added login.defs to align with Securix environment
• added VESA framebuffer with Securix Linux Logo on boot (vga 791)
• added Securix system groups operators and services
• added terminal encoding in UTF-8
• added pvcreate force to avoid questions when LVM already exist
• fix fstab LVM misconfiguration
• fix login issue (securetty)
• fix iptables-save

version 15/12/2011

• advanced partitioning (boot, swap, root, usr, home, var, opt, tmp) with options (where possible) noatime, nodev, nosuid, noexec
• Full disk encryption (LUKS)
• LVM automatically for disks >20GB
• predefined kernel setup for virtual environments (VirtualBox, KVM, VMware, …)
• rewritten yesno function
• securix user for first login

08/2011 – 16/11/2011

• environment checking, architecture, network
• functions, variables, system setup, trap errors
• hostname, root password, manual network setup, …
• partitioning (/boot, swap, /)
• stage3 and portage installation
• make.conf generator
• CHROOT script
• system installation, configuration & hardening
• kernel compiling
• grub installation and setup
• compiling system applications
• iptables script
• sysctl config
• kernel accelerated AES encryption
• …

Hi all,

I just want to inform you how it looks with Securix project now.

I have spent a lot of hours on Google to find out some installers for Gentoo.

I’ve found Cryptogen from guy called OozIe – http://blog.ooz.ie/search/label/cryptogen but link on cryptogen.sh is broken and OozIe is unable to find it out anymore.

Next project is Anaconda for Gentoo (from wiktor w brodlo) which can be great for further Gentoo installations because at this moment you must setup Gentoo by yourself (step-by-step) with Gentoo Handbook but most of installations are totally same so it is painful to do same things again and again…
This project is just on start, but can be very useful for next Gentoo releases.

Problem is that Anaconda installer using X but Securix not, so it make no sense to install system via GUI if system itself have no X environment.

Solution is: own script :] Securix Installer is written in bash and should ask you only for device/disk where you want install system, hostname and password. Everything else is setup automatically (architecture, gcc options, use flags, kernel, grub, …) to get maximum from your hardware.

Script isn’t completed yet and it takes some time of troubleshooting until I can release it as public, but from that time we can have first beta of Securix!

Stay tuned, more to come!

You can find Securix sysctl.conf file on our WiKi.

Every feedback is appreciated. Thx

http://securix.security-portal.cz/wiki/doku.php/etc_sysctl.conf

Hi,

I’ve installed DokuWiki into Securix website where I will post all configurations, installation setup, howto’s and other related informations.

If you have some improvement don’t hesitate and update content. [link]

Thank you!

Hi all,

fact that you don’t see updates on webpage doesn’t mean inactivity of project.

Currently I’m testing new settings and features on corporate environment just to be sure that I’m on right way. You can setup verbose auditing but if log files take 100GB per week then it isn’t very usable.

Please be patient 

thx

Hi visitor,

currently we haven’t official release yet. Our project is just on start and it will take few months until first release can be available for download as VirtualBox image.

Come back again later or check Current status page.

===

  _________                                        __
 /   _____/   ____    _____    __  __  ________   |__| ___  ___
 \_____  \   / __ \  /   __\  |  ||  \ \_  ___ \  |  | \  \/  /
 ______|  \ |  ___/  \  \___  |  ||  /  |  |_/ /  |  |  > || <
/_________/  \_____\  \_____\ |_____/   |__| |_\  |__| /__/\__\